<?
	include('chksession.php');
	session_start();
	include('conn.php');
    $data = file_get_contents("php://input");
    $objData = json_decode($data);
		$msg='';
		$user_passold=$objData->user_passold;
		$user_pass=$objData->user_pass;
		$user_passcnf=$objData->user_passcnf;
		$user_id=$_SESSION['username'];
		$modifiedby=$_SESSION['username'];
		$sql="select * from usermast where user_id='".$user_id."' and user_pass='".md5($user_passold)."'";
		$res=mysql_query($sql) or die(mysql_error());
		$nrow=mysql_num_rows($res);
		if ($nrow==1)
		{
		if ($user_passcnf == $userpass) {
			$sqlupdate="update usermast set user_pass='".md5($user_pass)."' where user_id='".$user_id."'";
			$resupdate=mysql_query($sqlupdate);
			if($resupdate)
			$msg='Password change successfully';
			}
		else
			{
				$msg = "Password and Confirm Password Does not Match";
			}
		}
		else
		{
			$msg='Old Password is wrong';
		}
		echo $msg;
?>